RI CODE invited Christopher Lenk, a representative of ZITiS and leader of FORMOBILE's task dedicated to "Malware Analysis" to take part in this two-day event. Christopher is currently completing his PhD and was very happy to be involved– finding it a valuable and worthwhile meeting:
"For me as an employee and PhD student in the FORMOBILE project, the science track of the conference (12th November 2020) was a good opportunity to receive feedback on developments that have already been completed and that are still planned. It was also possible to present the FORMOBILE project's malware analysis platform to a further potential user group."
Christopher was positive towards the organisation of the event, especially as it took place as a virtual event rather than a physical meeting.
"The conference was well organised, despite the necessary digital participation. RI CODE was able to bring together many experts from Europe who spoke in keynotes, panel discussions and workshops on current cybersecurity issues and about research and development projects. Overall, it was an interesting and lively conference."
The event's focus was Europe's Digital Sovereignty – Road to Success? Christopher was able to extract value from the meeting and concluded that the main takeaways were:
- The Importance of Europe's digital sovereignty and needed actions (e.g. the support of European software development to break the dependency on US companies and the importance of cybersecurity)
- A selection of the innovations and solutions currently available/under development in Europe (e.g. from companies like Hensoldt or Rheinmetall and from research institutes like the Leibniz Supercomputing Centre or the RI CODE)
- Current research and developments at universities in Europe (PhD projects; e.g. from the Masaryk University (Czech Republic), from the Cyprus University of Technology or from the Université de Lorraine (France))
The presentation delivered by Christopher highlighted his efforts during the first 18 months of the FORMOBILE initiative. The full presentation is available here. However, we have listed the main points covered during the session.
- Malware Intro – Android a target of attack.
- Android is the most common mobile operating system found in many areas of life.
- Millions of applications with malicious intents
- Many versions of the Android system with unclosed vulnerabilities
- Need to automate the analysis of suspicious applications
- The automated analysis for applications from Android devices (Prototype Created through FORMOBILE)
- Web-access: Set automatic operation (Upload of parameters) – device manufacturer, Android version, run time/user-impersonated clicks
- Effective and precise, hardware-based analysis with static and dynamic techniques
- Report of behaviour shown during execution and examination as well as the likelihood of an application being malicious
- Requirements of the forensic process
- Adhere to regulations
- No interference of evidence
- Planned developments
- Realistic Android system simulation
- Advanced program analysis
Christopher has a working prototype of the analysis platform and is busy expanding the functionality to cover more applications and versions of Android.
If you would like to stay updated with the development of the Malware Analysis application and other FORMOBILE tools, sign up a FORMOBILE Stakeholder.